Apple’s Cook Opposes Court Order to Hack San Bernardino Shooter’s Phone

Apple chief executive Tim Cook opposes a court order mandating that Apple help the FBI crack an iPhone belonging to San Bernardino shooter Syed Farook.

Apple CEO Tim Cook late Tuesday defiantly challenged a U.S federal magistrate judge’s order that it help the FBI break into an iPhone 5c belonging to one of the shooters involved in last December’s attack in San Bernardino, Calif.

Cook released a letter last night expressing his opposition to the court order and called for a public discussion about the implications the decision could have on privacy and security moving forward.

“The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals,” Cook said, later calling the FBI’s actions a dangerous expansion of its authority under the All Writs Act of 1789.

The court order, granted by Judge Sheri Pym, is a two-page document demanding that Apple assist in cracking the phone of suspect Syed Farook. The phone is locked with a four-digit passcode, and with each incorrect guess, the lag between the next allowed guess grows, and eventually after 10 incorrect guesses, the phone will be wiped. The FBI wants the data on the device to aid in its investigation of the shooting and any alleged terrorism contacts Farook may have stored on the device.

SB-Shooter-Order-Compelling-Apple-Asst-iPhone-p2-normal

Cook: ‘Chilling Demands’

Pym’s order demands that Apple provide a one-time firmware update customized for this one device that will bypass the auto-erase function protecting the phone. The update would essentially allow the FBI to brute-force the passcode and have unfettered access to the data.

“The implications of the government’s demands are chilling. If the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone’s device to capture their data,” Cook said. “The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge.

“Opposing this order is not something we take lightly,” Cook said. “We feel we must speak up in the face of what we see as an overreach by the U.S. government.”

Electronic Frontier Foundation deputy executive director and general counsel Kurt Opsahl defended Apple and said that should the company be compelled to create what he calls a “master key” for this one device, that the government will ask for it over and over for other devices, something that Cook said as well in his letter.

“The U.S. government wants us to trust that it won’t misuse this power. But we can all imagine the myriad ways this new authority could be abused,” Opsahl said. “Even if you trust the U.S. government, once this master key is created, governments around the world will surely demand that Apple undermine the security of their citizens as well.”

‘Going Dark’ Ramps Up

This is the latest chapter in the government’s and law enforcement’s crusade against what it calls the “Going Dark” problem precipitated by Apple and Google’s decision to relinquish their control over the encryption keys protecting iOS and Android devices. As a result, the government can no longer compel the technology giants via court order or National Security Letter to turn over user data from these devices. The keys now live on the devices and are unlocked via the passcode.

“We can find no precedent for an American company being forced to expose its customers to a greater risk of attack. For years, cryptologists and national security experts have been warning against weakening encryption,” Cook said. “Doing so would hurt only the well-meaning and law-abiding citizens who rely on companies like Apple to protect their data. Criminals and bad actors will still encrypt, using tools that are readily available to them.”

For months, the government has tried many avenues available to them to circumvent Going Dark, asking initially for backdoors, shared keys and key escrow where multiple parties would share part of the key and use them only under court orders. The complexity introduced by such a plan, experts warned, would be untenable. Not to mention that those same experts warn that exceptional access would also break forward secrecy and other cryptographic advancements made in the last decade.

“If we were able to engineer a mechanism where we’re splitting a key and having a third party escrow it where the government could ask for it, the very next thing that would happen is that China et al will ask for the same solution. And we’re unlikely to give them the same solution,” said Eric Wenger, director of cybersecurity and privacy, global government affairs at Cisco Systems. “Complexity kills, and the more complex you make a system, the more difficult it is to secure it. I don’t see how developing a key-bases solution secures things the way you want it to without creating a great deal of complexity and having other governments demand the same thing.”

Earlier this month, a team of crypto luminaries published a paper rebuking the government’s Going Dark problem, pointing out that while mobile devices do hold a trove of data that is currently out of reach, there are many other sources of unencrypted data—metadata and the data produced by sensors and other embedded and connected IoT devices are just two examples—that would be of value in investigations.

Rob Graham, a longtime network security expert, wrote yesterday on Errata Security that the age of Farook’s device could indeed pave the way to Apple cracking the phone. The 5C, Graham said, isn’t protected by Apple’s Secure Enclave (available since iOS 8), which decrypts authentication inputs (passcodes and fingerprints) on the device.

“The upshot is this. It’s an older phone. If the iOS version is old, and especially if it’s been configured to ‘trust’ a laptop/desktop, then there is a good chance Apple or the FBI could decrypt it,” Graham said. “If the software is reasonably up-to-date, my understanding of how iPhone’s work, it’s impossible at the moment for Apple to decrypt the device, especially as suggested by the court order.”

In the meantime, it would appear Cook and Apple are prepared to bunker in for a long fight.

“We are challenging the FBI’s demands with the deepest respect for American democracy and a love of our country. We believe it would be in the best interest of everyone to step back and consider the implications,” Cook said. “While we believe the FBI’s intentions are good, it would be wrong for the government to force us to build a backdoor into our products. And ultimately, we fear that this demand would undermine the very freedoms and liberty our government is meant to protect.”

Suggested articles

Discussion

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.